Lucene search
HistoryOct 27, 2023 - 8:15 p.m.
CVE-2022-3701
lenovo vantage
privilege elevation
vulnerability
arbitrary code execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin version 2.0.0.212 and earlier that could allow a local attacker to execute arbitrary code with elevated privileges.
Affected configurations
Node
lenovosystem_update_pluginRange<2.0.0.213lenovo_vantage
Node
lenovohardware_scan_pluginRange<1.3.1.2lenovo_vantage
Node
lenovohardware_scan_addinRange<2.4.1.1lenovo_vantage
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lenovo | system_update_plugin | * | cpe:2.3:a:lenovo:system_update_plugin:*:*:*:*:*:lenovo_vantage:*:* |
| lenovo | hardware_scan_plugin | * | cpe:2.3:a:lenovo:hardware_scan_plugin:*:*:*:*:*:lenovo_vantage:*:* |
| lenovo | hardware_scan_addin | * | cpe:2.3:a:lenovo:hardware_scan_addin:*:*:*:*:*:lenovo_vantage:*:* |
Related
prion
prion
Privilege escalation
2023-10-27 20:15:00
vulnrichment
vulnrichment
CVE-2022-3701
2023-10-27 19:38:49
cvelist
cvelist
CVE-2022-3701
2023-10-27 19:38:49
cve
cve
CVE-2022-3701
2023-10-27 20:15:08
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2022-3701